NEAS[.]6a6d25c0d36173d73c4660611bfb9c40[.]exe

General

Target

NEAS.6a6d25c0d36173d73c4660611bfb9c40.exe
Size

1.1MB
MD5

6a6d25c0d36173d73c4660611bfb9c40
SHA1

fe9c38770c69b0dfa6f09178eafae34fcad5dedb
SHA256

d091f5d6b863ec5597cf56e8a27538d6412168badccbda92938cdac2533f9640
SHA512

29e6755a7e235cf3842657c4b2006c14dc787d6343cf96d0c9d1268de25bbc709113b43a97349d6cd89e50047cda66d1f6cb2041953e0e2caf03e6715aa0903a
SSDEEP

12288:i6+lI8MTDFLnfP/8f/MUHOlrqBF53XF+reOc0F+nuFyY:iTlUZfI/QRqBb1wRS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.6a6d25c0d36173d73c4660611bfb9c40.exe

Files

NEAS.6a6d25c0d36173d73c4660611bfb9c40.exe
.exe windows:6 windows x64

b38efe1cced70d8f8dbcf593f72894d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

jli

JLI_Launch
JLI_InitArgProcessing
JLI_CmdToArgs
JLI_GetStdArgc
JLI_GetStdArgs
JLI_MemAlloc

msvcr120

getenv
__argc
__argv
_XcptFilter
_amsg_exit
__getmainargs
__set_app_type
exit
_exit
printf
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
__C_specific_handler
__initenv
_fmode
_commode
?terminate@@YAXXZ
__crtSetUnhandledExceptionFilter
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
_cexit

kernel32

DecodePointer
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
EncodePointer
GetCommandLineA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b38efe1cced70d8f8dbcf593f72894d5

Headers

DLL Characteristics

File Characteristics

Imports

jli

msvcr120

kernel32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 208B

.pdata Size: 512B - Virtual size: 204B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 208B

.pdata
Size: 512B - Virtual size: 204B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1.1MB - Virtual size: 1.1MB